--- /dev/null
+#
+# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+CMAKE_MINIMUM_REQUIRED(VERSION 2.8)
+
+PROJECT(ode)
+
+IF(NOT DEFINED VERSION)
+ SET(VERSION "0.0.1")
+ENDIF(NOT DEFINED VERSION)
+
+INCLUDE(FindPkgConfig)
+
+IF(NOT CMAKE_BUILD_TYPE)
+ SET(CMAKE_BUILD_TYPE "DEBUG")
+ENDIF(NOT CMAKE_BUILD_TYPE)
+
+SET(ODE_LIB ${PROJECT_SOURCE_DIR}/lib)
+SET(ODE_SERVER ${PROJECT_SOURCE_DIR}/server)
+SET(ODE_TOOLS ${PROJECT_SOURCE_DIR}/tools)
+SET(ODE_TESTS ${PROJECT_SOURCE_DIR}/tests)
+
+IF("${CMAKE_CXX_COMPILER_ID}" STREQUAL "GNU" AND CMAKE_CXX_COMPILER_VERSION VERSION_LESS 4.7)
+ SET(CXX_STD "c++0x")
+else()
+ SET(CXX_STD "c++11")
+endif()
+
+SET(COMPILE_BASE_FLAGS "-g -fPIC -Werror -Wall -Wl,--as-needed -Wl,--no-whole-archive")
+SET(CMAKE_C_FLAGS_PROFILING "${COMPILE_BASE_FLAGS} -O0 -pg")
+SET(CMAKE_CXX_FLAGS_PROFILING "${COMPILE_BASE_FLAGS} -O0 -pg -std=${CXX_STD} -fno-rtti")
+SET(CMAKE_C_FLAGS_DEBUG "${COMPILE_BASE_FLAGS} -O0 -ggdb")
+SET(CMAKE_CXX_FLAGS_DEBUG "${COMPILE_BASE_FLAGS} -O0 -ggdb -std=${CXX_STD} -fno-rtti")
+SET(CMAKE_C_FLAGS_RELEASE "${COMPILE_BASE_FLAGS} -O2 -DNDEBUG")
+SET(CMAKE_CXX_FLAGS_RELEASE "${COMPILE_BASE_FLAGS} -O2 -DNDEBUG -std=${CXX_STD} -fno-rtti")
+SET(CMAKE_C_FLAGS_CCOV "${COMPILE_BASE_FLAGS} -O0 --coverage")
+SET(CMAKE_CXX_FLAGS_CCOV "${COMPILE_BASE_FLAGS} -O0 --coverage -std=${CXX_STD} -fno-rtti")
+
+IF(NOT DEFINED LIB_DIR)
+ SET(LIB_DIR "${CMAKE_INSTALL_LIBDIR}")
+ENDIF(NOT DEFINED LIB_DIR)
+
+IF(NOT DEFINED INCLUDE_DIR)
+ SET(INCLUDE__DIR "${CMAKE_INSTALL_INCLUDEDIR}")
+ENDIF(NOT DEFINED INCLUDE_DIR)
+
+IF(NOT DEFINED RUN_DIR)
+ SET(RUN_DIR "/run")
+ENDIF(NOT DEFINED RUN_DIR)
+
+IF(NOT DEFINED BIN_DIR)
+ SET(BIN_DIR "${CMAKE_INSTALL_BINDIR}")
+ENDIF(NOT DEFINED BIN_DIR)
+
+IF(NOT DEFINED HOME_DIR)
+ SET(HOME_DIR "/home")
+ENDIF(NOT DEFINED HOME_DIR)
+
+IF(NOT DEFINED PAMD_DIR)
+ SET(PAMD_DIR "${SYSCONF_INSTALL_DIR}/pam.d")
+ENDIF(NOT DEFINED PAMD_DIR)
+
+IF(NOT DEFINED SYSTEMD_UNIT_DIR)
+ SET(SYSTEMD_UNIT_DIR "${CMAKE_INSTALL_PREFIX}/lib/systemd/system")
+ENDIF(NOT DEFINED SYSTEMD_UNIT_DIR)
+
+ADD_DEFINITIONS(-DUG_WAYLAND)
+
+ADD_SUBDIRECTORY(${ODE_LIB})
+ADD_SUBDIRECTORY(${ODE_SERVER})
+ADD_SUBDIRECTORY(${ODE_TOOLS})
+ADD_SUBDIRECTORY(${ODE_TESTS})
--- /dev/null
+Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved.
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
--- /dev/null
+#
+# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+SET(LIB_VERSION "${VERSION}")
+SET(LIB_SOVERSION "0")
+
+SET(PC_FILE "${PROJECT_NAME}.pc")
+
+SET(SOURCES client.cpp
+ secure-erase.cpp
+ internal-encryption.cpp
+ external-encryption.cpp
+ ode/secure-erase.cpp
+ ode/internal-encryption.cpp
+ ode/external-encryption.cpp
+)
+
+SET(CAPI_INCLUDE_FILES ode/common.h
+ ode/secure-erase.h
+ ode/internal-encryption.h
+ ode/external-encryption.h
+)
+
+
+SET (CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -Wl,-z,noexecstack")
+
+PKG_CHECK_MODULES(LIBS_DEPS REQUIRED
+ klay
+ glib-2.0
+ libtzplatform-config
+)
+
+ADD_LIBRARY(${PROJECT_NAME} SHARED ${SOURCES})
+SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES COMPILE_FLAGS "-fvisibility=hidden")
+SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES SOVERSION ${LIB_SOVERSION})
+SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES VERSION ${LIB_VERSION})
+
+INCLUDE_DIRECTORIES(SYSTEM ${LIBS_DEPS_INCLUDE_DIRS} ${ODE_LIB} ${PROJECT_SOURCE_DIR})
+TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${LIBS_DEPS_LIBRARIES} pthread)
+
+CONFIGURE_FILE(${PC_FILE}.in ${CMAKE_BINARY_DIR}/${PC_FILE} @ONLY)
+
+INSTALL(FILES ${CMAKE_BINARY_DIR}/${PC_FILE} DESTINATION ${LIB_INSTALL_DIR}/pkgconfig)
+INSTALL(TARGETS ${PROJECT_NAME} DESTINATION ${LIB_INSTALL_DIR} COMPONENT RuntimeLibraries)
+INSTALL(FILES ${CAPI_INCLUDE_FILES} DESTINATION ${INCLUDE_INSTALL_DIR}/ode)
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#include "client.h"
+
+namespace {
+
+const std::string ODE_MANAGER_ADDRESS = "/tmp/.ode.sock";
+
+} // namespace
+
+
+ODEContext::ODEContext() noexcept
+{
+}
+
+ODEContext::~ODEContext() noexcept
+{
+ disconnect();
+}
+
+int ODEContext::connect(const std::string& address) noexcept
+{
+ try {
+ client.reset(new rmi::Client(address));
+ client->connect();
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+
+ return 0;
+}
+
+int ODEContext::connect() noexcept
+{
+ return connect(ODE_MANAGER_ADDRESS);
+}
+
+void ODEContext::disconnect() noexcept
+{
+ client.reset();
+}
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __ODE_CLIENT_H__
+#define __ODE_CLIENT_H__
+
+#include <string>
+#include <memory>
+#include <functional>
+
+#include <klay/rmi/client.h>
+
+class ODEContext final {
+public:
+ typedef std::unique_ptr<rmi::Client> ODEControlContext;
+
+ ODEContext() noexcept;
+ ~ODEContext() noexcept;
+
+ int connect() noexcept;
+ int connect(const std::string& address) noexcept;
+ void disconnect() noexcept;
+
+ template<typename Interface, typename... Args>
+ Interface createInterface(Args&&... args) noexcept
+ {
+ return Interface(getODEControlContext(), std::forward<Args>(args)...);
+ }
+
+private:
+ ODEControlContext& getODEControlContext()
+ {
+ return client;
+ }
+
+ ODEControlContext client;
+};
+
+ODEContext& GetODEContext(void* handle);
+#endif //__ODE_CLIENT_H__
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __ODE_CONTEXT__
+#define __ODE_CONTEXT__
+
+#include "client.h"
+
+using ODEControlContext = ::ODEContext::ODEControlContext;
+
+#endif //!__ODE_CONTEXT__
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include "rmi/external-encryption.h"
+
+namespace ode {
+
+ExternalEncryption::ExternalEncryption(ODEControlContext& ctx) :
+ context(ctx)
+{
+}
+
+ExternalEncryption::~ExternalEncryption()
+{
+}
+
+int ExternalEncryption::mount(const std::string& password)
+{
+ try {
+ return context->methodCall<int>("ExternalEncryption::erase", password);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int ExternalEncryption::umount()
+{
+ try {
+ return context->methodCall<int>("ExternalEncryption::clean");
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int ExternalEncryption::encrypt(const std::string& password)
+{
+ try {
+ return context->methodCall<int>("ExternalEncryption::encrypt", password);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int ExternalEncryption::decrypt(const std::string& password)
+{
+ try {
+ return context->methodCall<int>("ExternalEncryption::decrypt", password);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int ExternalEncryption::changePassword(const std::string& oldPassword,
+ const std::string& newPassword)
+{
+ try {
+ return context->methodCall<int>("ExternalEncryption::changePassword",
+ oldPassword, newPassword);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int ExternalEncryption::getState()
+{
+ try {
+ return context->methodCall<int>("ExternalEncryption::getState");
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+} // namespace ode
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include "rmi/internal-encryption.h"
+
+namespace ode {
+
+InternalEncryption::InternalEncryption(ODEControlContext& ctx) :
+ context(ctx)
+{
+}
+
+InternalEncryption::~InternalEncryption()
+{
+}
+
+int InternalEncryption::mount(const std::string& password)
+{
+ try {
+ return context->methodCall<int>("InternalEncryption::password", password);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int InternalEncryption::umount()
+{
+ try {
+ return context->methodCall<int>("InternalEncryption::umount");
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int InternalEncryption::encrypt(const std::string& password)
+{
+ try {
+ return context->methodCall<int>("InternalEncryption::encrypt", password);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int InternalEncryption::decrypt(const std::string& password)
+{
+ try {
+ return context->methodCall<int>("InternalEncryption::decrypt", password);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int InternalEncryption::changePassword(const std::string& oldPassword,
+ const std::string& newPassword)
+{
+ try {
+ return context->methodCall<int>("InternalEncryption::changePassword",
+ oldPassword, newPassword);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int InternalEncryption::getState()
+{
+ try {
+ return context->methodCall<int>("InternalEncryption::getState");
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+} // namespace ode
--- /dev/null
+# Package Information for pkg-config
+
+prefix=@CMAKE_INSTALL_PREFIX@
+exec_prefix=@CMAKE_INSTALL_PREFIX@
+libdir=@LIB_INSTALL_DIR@
+includedir=@INCLUDE_INSTALL_DIR@
+
+Name: @PROJECT_NAME@
+Description: Tizen @PROJECT_NAME@ Client library
+Version: @VERSION@
+Libs: -L${libdir} -l@PROJECT_NAME@
+Cflags: -I${includedir}/@PROJECT_NAME@
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __CAPI_ODE_COMMON_H__
+#define __CAPI_ODE_COMMON_H__
+
+#include <tizen.h>
+
+/**
+ * @file ode.h
+ * @brief This file defines common data types required to ode APIs.
+ */
+
+#ifndef ODE_API
+#define ODE_API __attribute__((visibility("default")))
+#endif // API
+
+#ifndef TRUE
+#define TRUE 1
+#endif
+
+#ifndef FALSE
+#define FALSE 0
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @addtogroup CAPI_ODE_ODE_ODE_MANAGER_MODULE
+ * @{
+ */
+
+/**
+ * @brief Enumeration of device encryption API errors
+ * @since_tizen 3.0
+ */
+typedef enum {
+ ODE_ERROR_NONE = TIZEN_ERROR_NONE, /**< The operation was successful */
+ ODE_ERROR_INVALID_PARAMETER = TIZEN_ERROR_INVALID_PARAMETER, /**< Invalid parameter */
+ ODE_ERROR_CONNECTION_REFUSED = TIZEN_ERROR_CONNECTION_REFUSED, /**< Connection refused */
+ ODE_ERROR_TIMED_OUT = TIZEN_ERROR_TIMED_OUT, /**< Time out */
+ ODE_ERROR_PERMISSION_DENIED = TIZEN_ERROR_PERMISSION_DENIED, /**< Access privilege is not sufficient */
+ ODE_ERROR_NOT_SUPPORTED = TIZEN_ERROR_NOT_SUPPORTED, /**< Operation is not supported */
+ ODE_ERROR_NO_SUCH_FILE = TIZEN_ERROR_NO_SUCH_FILE, /**< No such file or directory */
+ ODE_ERROR_FILE_EXISTS = TIZEN_ERROR_FILE_EXISTS, /**< File exists */
+ ODE_ERROR_OUT_OF_MEMORY = TIZEN_ERROR_OUT_OF_MEMORY, /**< Out of memory */
+ ODE_ERROR_NOT_PERMITTED = TIZEN_ERROR_NOT_PERMITTED, /**< Operation is not permitted */
+ ODE_ERROR_KEY_REJECTED = TIZEN_ERROR_KEY_REJECTED /**< Passwor is rejected */
+} ode_error_type_e;
+
+/**
+ * @}
+ */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __CAPI_ODE_ODE_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __CAPI_ODE_ASSERT_H__
+#define __CAPI_ODE_ASSERT_H__
+
+#define RET_ON_FAILURE(cond, ret) \
+{ \
+ if (!(cond)) \
+ return (ret); \
+}
+
+#endif //! __CAPI_ODE_ASSERT_H__
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#include "debug.h"
+#include "external-encryption.h"
+
+#include "client.h"
+#include "rmi/external-encryption.h"
+
+using namespace ode;
+
+int ode_external_encryption_mount(const char* password)
+{
+ RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ ExternalEncryption external = client.createInterface<ExternalEncryption>();
+
+ return external.mount(password);
+}
+
+int ode_external_encryption_umount()
+{
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ ExternalEncryption external = client.createInterface<ExternalEncryption>();
+
+ return external.umount();
+}
+
+int ode_external_encryption_encrypt(const char* password)
+{
+ RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ ExternalEncryption external = client.createInterface<ExternalEncryption>();
+
+ return external.encrypt(password);
+}
+
+int ode_external_encryption_decrypt(const char* password)
+{
+ RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ ExternalEncryption external = client.createInterface<ExternalEncryption>();
+
+ return external.decrypt(password);
+}
+
+int ode_external_encryption_change_password(const char* old_password,
+ const char* new_password)
+{
+ RET_ON_FAILURE(old_password, ODE_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(new_password, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ ExternalEncryption external = client.createInterface<ExternalEncryption>();
+
+ return external.changePassword(new_password, old_password);
+}
+
+int ode_external_encryption_get_state(int* state)
+{
+ RET_ON_FAILURE(state, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ ExternalEncryption external = client.createInterface<ExternalEncryption>();
+ int ret = external.getState();
+
+ RET_ON_FAILURE(ret != -1, ODE_ERROR_INVALID_PARAMETER);
+
+ *state = ret;
+ return ODE_ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __CAPI_ODE_EXTERNAL_ENCRYPTION_H__
+#define __CAPI_ODE_EXTERNAL_ENCRYPTION_H__
+
+#include <ode/common.h>
+
+/**
+ * @file external-encryption.h
+ * @brief This file provides APIs to manage the encryption of external storage
+ * such as SD card.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @brief Mount external storage with encryption by given password.
+ * @details Administrator can use this API to mount encrypted external
+ * storage.
+ * @since_tizen 3.0
+ * @param[in] password The password to mount external storage
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_KEY_REJECTED Password doen't match
+ * @retval #ODE_ERROR_NO_SUCH_FILE No such file or directory
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The password must matched with what used for encryption.
+ * @see ode_external_encryption_encrypt()
+ * @see ode_external_encryption_umount()
+ */
+ODE_API int ode_external_encryption_mount(const char* password);
+
+/**
+ * @brief Umount external storage
+ * @details Administrator can use this API to unmount external storage.
+ * @since_tizen 3.0
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_NO_SUCH_FILE No such file or directory
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @see ode_external_encryption_mount()
+ */
+ODE_API int ode_external_encryption_umount();
+
+/**
+ * @brief Encrypt external storage by given password.
+ * @details Administrator can use this API to encrypt external storage.
+ * @since_tizen 3.0
+ * @param[in] password The password to encrypt external storage
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_KEY_REJECTED Password doen't match
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The handle must be created by ode_manager_create().
+ * @see ode_manager_create()
+ * @see ode_manager_destroy()
+ * @see ode_external_encryption_mount()
+ * @see ode_external_encryption_decrypt()
+ */
+ODE_API int ode_external_encryption_encrypt(const char* password);
+
+/**
+ * @brief Decrypt external storage by given password.
+ * @details Administrator can use this API to decrypt external storage.
+ * @since_tizen 3.0
+ * @param[in] password The password to decrypt external storage
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_KEY_REJECTED Password doen't match
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The password must matched with what used for encryption.
+ * @see ode_external_encryption_encrypt()
+ */
+ODE_API int ode_external_encryption_decrypt(const char* password);
+
+/**
+ * @brief Change the password for external storage.
+ * @details Administrator can use this API to change password for external
+ * storage.
+ * @since_tizen 3.0
+ * @param[in] old_password Current password of external storage
+ * @param[in] new_password The password to use newly for external storage
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_KEY_REJECTED old_password doen't match
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The password must matched with what used for encryption.
+ * @see ode_external_encryption_encrypt()
+ */
+ODE_API int ode_external_encryption_change_password(const char* old_password,
+ const char* new_password);
+
+/**
+ * @brief Get current encryption state of external storage.
+ * @details Administrator can use this API to get current encryption state
+ * of external storage.
+ * @since_tizen 3.0
+ * @param[out] state The encryption state of external storage
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @see ode_external_encryption_encrypt()
+ * @see ode_external_encryption_decrypt()
+ */
+ODE_API int ode_external_encryption_get_state(int* state);
+
+/**
+ * @}
+ */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __CAPI_ODE_EXTERNAL_ENCRYPTION_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#include "debug.h"
+#include "internal-encryption.h"
+
+#include "client.h"
+#include "rmi/internal-encryption.h"
+
+using namespace ode;
+
+int ode_internal_encryption_mount(const char* password)
+{
+ RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ InternalEncryption internal = client.createInterface<InternalEncryption>();
+
+ return internal.mount(password);
+}
+
+int ode_internal_encryption_umount()
+{
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ InternalEncryption internal = client.createInterface<InternalEncryption>();
+
+ return internal.umount();
+}
+
+int ode_internal_encryption_encrypt(const char* password)
+{
+ RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ InternalEncryption internal = client.createInterface<InternalEncryption>();
+
+ return internal.encrypt(password);
+}
+
+int ode_internal_encryption_decrypt(const char* password)
+{
+ RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ InternalEncryption internal = client.createInterface<InternalEncryption>();
+
+ return internal.decrypt(password);
+}
+
+int ode_internal_encryption_change_password(const char* old_password,
+ const char* new_password)
+{
+ RET_ON_FAILURE(old_password, ODE_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(new_password, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ InternalEncryption internal = client.createInterface<InternalEncryption>();
+
+ return internal.changePassword(new_password, old_password);
+}
+
+int ode_internal_encryption_get_state(int* state)
+{
+ RET_ON_FAILURE(state, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ InternalEncryption internal = client.createInterface<InternalEncryption>();
+ int ret = internal.getState();
+
+ RET_ON_FAILURE(ret != -1, ODE_ERROR_INVALID_PARAMETER);
+
+ *state = ret;
+ return ODE_ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __CAPI_ODE_INTERNAL_ENCRYPTION_H__
+#define __CAPI_ODE_INTERNAL_ENCRYPTION_H__
+
+#include <ode/common.h>
+
+/**
+ * @file internal-encryption.h
+ * @brief This file provides APIs to manage the encryption of internal storage.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @brief Mount internal storage with encryption by given password.
+ * @details Administrator can use this API to mount encrypted internal
+ * storage.
+ * @since_tizen 3.0
+ * @param[in] password The password to mount internal storage
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_KEY_REJECTED Password doen't match
+ * @retval #ODE_ERROR_NO_SUCH_FILE No such file or directory
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The password must matched with what used for encryption.
+ * @see ode_internal_encryption_encrypt()
+ * @see ode_internal_encryption_umount()
+ */
+ODE_API int ode_internal_encryption_mount(const char* password);
+
+/**
+ * @brief Umount internal storage
+ * @details Administrator can use this API to unmount internal storage.
+ * @since_tizen 3.0
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_NO_SUCH_FILE No such file or directory
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @see ode_internal_encryption_mount()
+ */
+ODE_API int ode_internal_encryption_umount();
+
+/**
+ * @brief Encrypt internal storage by given password.
+ * @details Administrator can use this API to encrypt internal storage.
+ * @since_tizen 3.0
+ * @param[in] password The password to encrypt internal storage
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_KEY_REJECTED Password doen't match
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @see ode_internal_encryption_mount()
+ * @see ode_internal_encryption_decrypt()
+ */
+ODE_API int ode_internal_encryption_encrypt(const char* password);
+
+/**
+ * @brief Decrypt internal storage by given password.
+ * @details Administrator can use this API to decrypt internal storage.
+ * @since_tizen 3.0
+ * @param[in] password The password to decrypt internal storage
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_KEY_REJECTED Password doen't match
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The password must matched with what used for encryption.
+ * @see ode_internal_encryption_encrypt()
+ */
+ODE_API int ode_internal_encryption_decrypt(const char* password);
+
+/**
+ * @brief Change the password for internal storage.
+ * @details Administrator can use this API to change password for internal
+ * storage.
+ * @since_tizen 3.0
+ * @param[in] old_password Current password of internal storage
+ * @param[in] new_password The password to use newly for internal storage
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_KEY_REJECTED old_password doen't match
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The password must matched with what used for encryption.
+ * @see ode_internal_encryption_encrypt()
+ */
+ODE_API int ode_internal_encryption_change_password(const char* old_password,
+ const char* new_password);
+
+/**
+ * @brief Get current encryption state of internal storage.
+ * @details Administrator can use this API to get current encryption state
+ * of internal storage.
+ * @since_tizen 3.0
+ * @param[out] state The encryption state of internal storage
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @see ode_internal_encryption_encrypt()
+ * @see ode_internal_encryption_decrypt()
+ */
+ODE_API int ode_internal_encryption_get_state(int* state);
+
+/**
+ * @}
+ */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __CAPI_ODE_INTERNAL_ENCRYPTION_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#include "debug.h"
+#include "secure-erase.h"
+
+#include "client.h"
+#include "rmi/secure-erase.h"
+
+using namespace ode;
+
+int ode_secure_erase(const char* name)
+{
+ RET_ON_FAILURE(name, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ SecureErase secure = client.createInterface<SecureErase>();
+
+ return secure.erase(name);
+}
+
+int ode_secure_clean(const char* name)
+{
+ RET_ON_FAILURE(name, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ SecureErase secure = client.createInterface<SecureErase>();
+
+ return secure.clean(name);
+}
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __CAPI_ODE_SECURE_ERASE_H__
+#define __CAPI_ODE_SECURE_ERASE_H__
+
+#include <ode/common.h>
+
+/**
+ * @file secure-erase.h
+ * @brief This file provides APIs to secure actions in the ode
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @brief Erase the file or device with given name securely.
+ * @details Administrator can use this API to secure-erase the files.
+ * @since_tizen 3.0
+ * @param[in] name The file/directory or device name
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_NO_SUCH_FILE No such file or directory
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The file or device to the given name must be exists.
+ * @pre If the device is specified, it must be a block device.
+ */
+ODE_API int ode_secure_erase(const char* name);
+
+/**
+ * @brief Clean garbage in the device with given name securely.
+ * @details Administrator can use this API to collect garbage in the device.
+ * @since_tizen 3.0
+ * @param[in] name The device name
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_NO_SUCH_FILE No such file or directory
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The device to the given name must be exists.
+ */
+ODE_API int ode_secure_clean(const char* name);
+
+/**
+ * @}
+ */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __CAPI_ODE_SECURE_ERASE_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include "rmi/secure-erase.h"
+
+namespace ode {
+
+SecureErase::SecureErase(ODEControlContext& ctx) :
+ context(ctx)
+{
+}
+
+SecureErase::~SecureErase()
+{
+}
+
+int SecureErase::erase(const std::string& name)
+{
+ try {
+ return context->methodCall<int>("SecureErase::erase", name);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int SecureErase::clean(const std::string& name)
+{
+ try {
+ return context->methodCall<int>("SecureErase::clean", name);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+} // namespace ode
--- /dev/null
+<manifest>
+ <request>
+ <domain name="_" />
+ </request>
+</manifest>
--- /dev/null
+Name: ode
+Version: 0.0.1
+Release: 0
+License: Apache-2.0
+Source0: file://%{name}-%{version}.tar.gz
+Summary: Tizen device encryption and secure erase manager
+Group: Security/Service
+Requires: systemd
+BuildRequires: gcc
+BuildRequires: cmake
+BuildRequires: gettext-tools
+BuildRequires: pkgconfig(klay)
+BuildRequires: pkgconfig(glib-2.0)
+BuildRequires: pkgconfig(libxml-2.0)
+BuildRequires: pkgconfig(libtzplatform-config)
+BuildRequires: pkgconfig(key-manager)
+BuildRequires: pkgconfig(cynara-client)
+BuildRequires: pkgconfig(cynara-session)
+
+%description
+The ode package provides a daemon which is responsible for encrypting/decryption storages and secure erasing.
+
+%files
+%manifest ode.manifest
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_bindir}/oded
+%{_unitdir}/ode.service
+%{_unitdir}/multi-user.target.wants/ode.service
+%attr(700,root,root) %{_sbindir}/ode-admin-cli
+
+%prep
+%setup -q
+
+%build
+%{!?build_type:%define build_type "RELEASE"}
+
+%if %{build_type} == "DEBUG" || %{build_type} == "PROFILING" || %{build_type} == "CCOV"
+ CFLAGS="$CFLAGS -Wp,-U_FORTIFY_SOURCE"
+ CXXFLAGS="$CXXFLAGS -Wp,-U_FORTIFY_SOURCE"
+%endif
+
+%{!?profile:%define profile "mobile"}
+
+%cmake . -DVERSION=%{version} \
+ -DCMAKE_BUILD_TYPE=%{build_type} \
+ -DTIZEN_PROFILE_NAME=%{profile} \
+ -DRUN_DIR=%{TZ_SYS_RUN} \
+ -DBIN_DIR=%{TZ_SYS_BIN} \
+ -DSYSTEMD_UNIT_DIR=%{_unitdir}
+
+make %{?jobs:-j%jobs}
+
+%install
+%make_install
+mkdir -p %{buildroot}/%{_unitdir}/multi-user.target.wants
+ln -s ../ode.service %{buildroot}/%{_unitdir}/multi-user.target.wants/ode.service
+
+%clean
+rm -rf %{buildroot}
+
+%postun
+
+## ODE Client Package ########################################################
+%package -n libode
+Summary: Library for Tizen device encryption and secure erase
+Group: Security/Libraries
+BuildRequires: pkgconfig(libtzplatform-config)
+Requires: %{name} = %{version}-%{release}
+Requires(post): /sbin/ldconfig
+Requires(postun): /sbin/ldconfig
+
+%description -n libode
+The libode package contains the libraries needed to encrypt/decrypt storages and secure erasing.
+
+%post -n libode -p /sbin/ldconfig
+
+%postun -n libode -p /sbin/ldconfig
+
+%files -n libode
+%manifest ode.manifest
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_libdir}/libode.so.%{version}
+%{_libdir}/libode.so.0
+
+## Devel Package ##############################################################
+%package -n libode-devel
+Summary: Libraries and header files for device encryption client development
+Group: Development/Libraries
+Requires: libode = %{version}-%{release}
+
+%description -n libode-devel
+The libode-devel package includes the libraries and header files necessary for
+developing device encryption client program.
+
+%files -n libode-devel
+%manifest ode.manifest
+%defattr(644,root,root,755)
+%{_libdir}/libode.so
+%{_includedir}/ode
+%{_libdir}/pkgconfig/ode.pc
+
+## Unittest Package ###########################################################
+%package -n unit-tests
+Summary: Unit tests to verify components of device encryption
+Group: Security/Testing
+Requires: libode = %{version}-%{release}
+
+%description -n unit-tests
+The libode-devel package includes the libraries and header files necessary for
+developing device encryption client program.
+
+%files -n unit-tests
+%manifest ode.manifest
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_bindir}/ode-engine-unit-tests
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __EXTERNAL_ENCRYPTION_H__
+#define __EXTERNAL_ENCRYPTION_H__
+
+#include "context.h"
+
+namespace ode {
+
+/**
+ * This class provides APIs to manage the encryption of external stroage
+ * such as SD card.
+ */
+
+class ExternalEncryption final {
+public:
+ ExternalEncryption(ODEControlContext& ctxt);
+ ~ExternalEncryption();
+
+ int mount(const std::string& password);
+ int umount();
+
+ int encrypt(const std::string& password);
+ int decrypt(const std::string& password);
+
+ int changePassword(const std::string& oldPW, const std::string& newPW);
+
+ int getState();
+
+private:
+ ODEControlContext& context;
+};
+
+} // namespace ode
+#endif // __EXTERNAL_ENCRYPTION_H__
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __INTERNAL_ENCRYPTION_H__
+#define __INTERNAL_ENCRYPTION_H__
+
+#include "context.h"
+
+namespace ode {
+
+/**
+ * This class provides APIs to manage the encryption of internal stroage.
+ */
+
+class InternalEncryption final {
+public:
+ InternalEncryption(ODEControlContext& ctxt);
+ ~InternalEncryption();
+
+ int mount(const std::string& password);
+ int umount();
+
+ int encrypt(const std::string& password);
+ int decrypt(const std::string& password);
+
+ int changePassword(const std::string& oldPW, const std::string& newPW);
+
+ int getState();
+
+private:
+ ODEControlContext& context;
+};
+
+} // namespace ode
+#endif // __INTERNAL_ENCRYPTION_H__
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __SECURE_ERASE_H__
+#define __SECURE_ERASE_H__
+
+#include "context.h"
+
+namespace ode {
+
+/**
+ * This class provides APIs to secure actions(erase/clean).
+ */
+
+class SecureErase final {
+public:
+ SecureErase(ODEControlContext& ctxt);
+ ~SecureErase();
+
+ int erase(const std::string& name);
+ int clean(const std::string& name);
+
+private:
+ ODEControlContext& context;
+};
+
+} // namespace ode
+#endif // __SECURE_ERASE_H__
--- /dev/null
+#
+# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+SET(SERVER_SRCS main.cpp
+ server.cpp
+ secure-erase.cpp
+ internal-encryption.cpp
+ external-encryption.cpp
+ engine/ext4-engine.cpp
+ engine/dmcrypt-engine.cpp
+ engine/ecryptfs-engine.cpp
+ key-manager/keystore.cpp
+ key-manager/key-generator.cpp
+)
+
+SET(DEPENDENCY klay
+ glib-2.0
+ gio-2.0
+ libxml-2.0
+ libtzplatform-config
+ cynara-client
+ cynara-session
+)
+
+SET(SERVER_NAME ${PROJECT_NAME}d)
+
+ADD_EXECUTABLE(${SERVER_NAME} ${SERVER_SRCS})
+
+PKG_CHECK_MODULES(SERVER_DEPS REQUIRED ${DEPENDENCY})
+
+INCLUDE_DIRECTORIES(SYSTEM ${SERVER_DEPS_INCLUDE_DIRS} ${ODE_SERVER} ${PROJECT_SOURCE_DIR})
+
+TARGET_LINK_LIBRARIES(${SERVER_NAME} ${SERVER_DEPS_LIBRARIES} pthread)
+
+SET_TARGET_PROPERTIES(${SERVER_NAME} PROPERTIES COMPILE_FLAGS "-fPIE")
+SET_TARGET_PROPERTIES(${SERVER_NAME} PROPERTIES LINK_FLAGS "-pie")
+
+TARGET_COMPILE_DEFINITIONS(${SERVER_NAME} PRIVATE
+ RUN_PATH="${RUN_DIR}"
+ ICON_PATH="${ICON_DIR}"
+)
+
+CONFIGURE_FILE(systemd/${PROJECT_NAME}.service.in systemd/${PROJECT_NAME}.service)
+
+INSTALL(TARGETS ${SERVER_NAME} DESTINATION ${BIN_DIR})
+INSTALL(FILES systemd/${PROJECT_NAME}.service DESTINATION ${SYSTEMD_UNIT_DIR})
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __ODE_CONTEXT_H__
+#define __ODE_CONTEXT_H__
+
+#include "server.h"
+
+using ODEControlContext = Server;
+
+#endif //__ODE_CONTEXT_H__
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include <klay/filesystem.h>
+#include <klay/audit/logger.h>
+
+#include "dmcrypt-engine.h"
+
+namespace ode {
+
+DMCryptEngine::DMCryptEngine(const std::string& src, const std::string& dest) :
+ source(src), destination(dest)
+{
+}
+
+DMCryptEngine::~DMCryptEngine()
+{
+}
+
+void DMCryptEngine::mount(const DMCryptEngine::data& key)
+{
+ //TODO
+}
+
+void DMCryptEngine::umount()
+{
+ //TODO
+}
+
+void DMCryptEngine::encrypt(const DMCryptEngine::data& key)
+{
+ //TODO
+}
+
+
+
+void DMCryptEngine::decrypt(const DMCryptEngine::data& key)
+{
+ //TODO
+}
+
+
+
+} // namespace ode
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __DMCRYPT_ENGINE_H__
+#define __DMCRYPT_ENGINE_H__
+
+#include <vector>
+#include <string>
+
+namespace ode {
+
+class DMCryptEngine final {
+public:
+ DMCryptEngine(const std::string& src, const std::string& dest);
+ DMCryptEngine(const DMCryptEngine&) = delete;
+ DMCryptEngine(DMCryptEngine&&) = delete;
+ ~DMCryptEngine();
+
+ DMCryptEngine& operator=(const DMCryptEngine&) = delete;
+ DMCryptEngine& operator=(DMCryptEngine&&) = delete;
+
+ const std::string& getSource()
+ {
+ return source;
+ }
+
+ const std::string& getDestination()
+ {
+ return destination;
+ }
+
+ typedef std::vector<unsigned char> data;
+
+ void mount(const data& key);
+ void umount();
+
+ void encrypt(const data& key);
+ void decrypt(const data& key);
+
+private:
+ std::string source, destination;
+};
+
+} // namespace ode
+#endif // __DMCRYPT_ENGINE_H__
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include <klay/filesystem.h>
+#include <klay/audit/logger.h>
+
+#include "ecryptfs-engine.h"
+
+namespace ode {
+
+EcryptfsEngine::EcryptfsEngine(const std::string& src, const std::string& dest) :
+ source(src), destination(dest)
+{
+}
+
+EcryptfsEngine::~EcryptfsEngine()
+{
+}
+
+void EcryptfsEngine::mount(const EcryptfsEngine::data& key)
+{
+ //TODO
+}
+
+void EcryptfsEngine::umount()
+{
+ //TODO
+}
+
+void EcryptfsEngine::encrypt(const EcryptfsEngine::data& key)
+{
+ //TODO
+}
+
+
+
+void EcryptfsEngine::decrypt(const EcryptfsEngine::data& key)
+{
+ //TODO
+}
+
+
+
+} // namespace ode
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __ECRYPTFS_ENGINE_H__
+#define __ECRYPTFS_ENGINE_H__
+
+#include <vector>
+#include <string>
+
+namespace ode {
+
+class EcryptfsEngine final {
+public:
+ EcryptfsEngine(const std::string& src, const std::string& dest);
+ EcryptfsEngine(const EcryptfsEngine&) = delete;
+ EcryptfsEngine(EcryptfsEngine&&) = delete;
+ ~EcryptfsEngine();
+
+ EcryptfsEngine& operator=(const EcryptfsEngine&) = delete;
+ EcryptfsEngine& operator=(EcryptfsEngine&&) = delete;
+
+ const std::string& getSource()
+ {
+ return source;
+ }
+
+ const std::string& getDestination()
+ {
+ return destination;
+ }
+
+ typedef std::vector<unsigned char> data;
+
+ void mount(const data& key);
+ void umount();
+
+ void encrypt(const data& key);
+ void decrypt(const data& key);
+
+private:
+ std::string source, destination;
+};
+
+} // namespace ode
+#endif // __ECRYPTFS_ENGINE_H__
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include <klay/filesystem.h>
+#include <klay/audit/logger.h>
+
+#include "ext4-engine.h"
+
+namespace ode {
+
+Ext4Engine::Ext4Engine(const std::string& src, const std::string& dest) :
+ source(src), destination(dest)
+{
+}
+
+Ext4Engine::~Ext4Engine()
+{
+}
+
+void Ext4Engine::mount(const Ext4Engine::data& key)
+{
+ //TODO
+}
+
+void Ext4Engine::umount()
+{
+ //TODO
+}
+
+void Ext4Engine::encrypt(const Ext4Engine::data& key)
+{
+ //TODO
+}
+
+
+
+void Ext4Engine::decrypt(const Ext4Engine::data& key)
+{
+ //TODO
+}
+
+
+
+} // namespace ode
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __EXT4_ENGINE_H__
+#define __EXT4_ENGINE_H__
+
+#include <vector>
+#include <string>
+
+namespace ode {
+
+class Ext4Engine final {
+public:
+ Ext4Engine(const std::string& src, const std::string& dest);
+ Ext4Engine(const Ext4Engine&) = delete;
+ Ext4Engine(Ext4Engine&&) = delete;
+ ~Ext4Engine();
+
+ Ext4Engine& operator=(const Ext4Engine&) = delete;
+ Ext4Engine& operator=(Ext4Engine&&) = delete;
+
+ const std::string& getSource()
+ {
+ return source;
+ }
+
+ const std::string& getDestination()
+ {
+ return destination;
+ }
+
+ typedef std::vector<unsigned char> data;
+
+ void mount(const data& key);
+ void umount();
+
+ void encrypt(const data& key);
+ void decrypt(const data& key);
+
+private:
+ std::string source, destination;
+};
+
+} // namespace ode
+#endif // __EXT4_ENGINE_H__
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include <klay/filesystem.h>
+#include <klay/audit/logger.h>
+
+#include "engine/ecryptfs-engine.h"
+#include "key-manager/keystore.h"
+#include "key-manager/key-generator.h"
+
+#include "rmi/external-encryption.h"
+
+namespace ode {
+
+ExternalEncryption::ExternalEncryption(ODEControlContext& ctx) :
+ context(ctx)
+{
+ context.registerParametricMethod(this, "", (int)(ExternalEncryption::mount)(std::string));
+ context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::umount));
+ context.registerParametricMethod(this, "", (int)(ExternalEncryption::encrypt)(std::string));
+ context.registerParametricMethod(this, "", (int)(ExternalEncryption::decrypt)(std::string));
+ context.registerParametricMethod(this, "", (int)(ExternalEncryption::changePassword)(std::string, std::string));
+ context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::getState));
+}
+
+
+ExternalEncryption::~ExternalEncryption()
+{
+}
+
+int ExternalEncryption::mount(const std::string& password)
+{
+ //TODO
+ return 0;
+}
+
+int ExternalEncryption::umount()
+{
+ //TODO
+ return 0;
+}
+
+int ExternalEncryption::encrypt(const std::string& password)
+{
+ //TODO
+ return 0;
+}
+
+int ExternalEncryption::decrypt(const std::string& password)
+{
+ //TODO
+ return 0;
+}
+
+int ExternalEncryption::changePassword(const std::string& oldPassword,
+ const std::string& newPassword)
+{
+ //TODO
+ return 0;
+}
+
+int ExternalEncryption::getState()
+{
+ //TODO
+ return 0;
+}
+
+} // namespace ode
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include <klay/filesystem.h>
+#include <klay/audit/logger.h>
+
+#include "engine/dmcrypt-engine.h"
+#include "key-manager/keystore.h"
+#include "key-manager/key-generator.h"
+
+#include "rmi/internal-encryption.h"
+
+namespace ode {
+
+InternalEncryption::InternalEncryption(ODEControlContext& ctx) :
+ context(ctx)
+{
+ context.registerParametricMethod(this, "", (int)(InternalEncryption::mount)(std::string));
+ context.registerNonparametricMethod(this, "", (int)(InternalEncryption::umount));
+ context.registerParametricMethod(this, "", (int)(InternalEncryption::encrypt)(std::string));
+ context.registerParametricMethod(this, "", (int)(InternalEncryption::decrypt)(std::string));
+ context.registerParametricMethod(this, "", (int)(InternalEncryption::changePassword)(std::string, std::string));
+ context.registerNonparametricMethod(this, "", (int)(InternalEncryption::getState));
+}
+
+
+InternalEncryption::~InternalEncryption()
+{
+}
+
+int InternalEncryption::mount(const std::string& password)
+{
+ //TODO
+ return 0;
+}
+
+int InternalEncryption::umount()
+{
+ //TODO
+ return 0;
+}
+
+int InternalEncryption::encrypt(const std::string& password)
+{
+ //TODO
+ return 0;
+}
+
+int InternalEncryption::decrypt(const std::string& password)
+{
+ //TODO
+ return 0;
+}
+
+int InternalEncryption::changePassword(const std::string& oldPassword,
+ const std::string& newPassword)
+{
+ //TODO
+ return 0;
+}
+
+int InternalEncryption::getState()
+{
+ //TODO
+ return 0;
+}
+
+} // namespace ode
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include <klay/filesystem.h>
+#include <klay/audit/logger.h>
+
+#include "key-generator.h"
+
+#define PBKDF_DEFAULT_ITERATION 8
+
+namespace ode {
+
+KeyGenerator::KeyGenerator()
+{
+}
+
+KeyGenerator::~KeyGenerator()
+{
+}
+
+const KeyGenerator::data KeyGenerator::PBKDF(const KeyGenerator::data& pass, const KeyGenerator::data& salt)
+{
+ data ret;
+
+ //TODO
+
+ return ret;
+}
+
+const KeyGenerator::data KeyGenerator::AES(const KeyGenerator::data& in1, const KeyGenerator::data& in2)
+{
+ data ret;
+
+ //TODO
+
+ return ret;
+}
+
+const KeyGenerator::data KeyGenerator::HMAC(const KeyGenerator::data& original, const KeyGenerator::data& key)
+{
+ data ret;
+
+ //TODO
+
+ return ret;
+}
+
+const KeyGenerator::data KeyGenerator::RNG()
+{
+ data ret;
+
+ //TODO
+
+ return ret;
+}
+
+} // namespace ode
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __KEY_GENERATOR_H__
+#define __KEY_GENERATOR_H__
+
+#include <vector>
+
+namespace ode {
+
+class KeyGenerator final {
+public:
+ KeyGenerator();
+ KeyGenerator(const KeyGenerator&) = delete;
+ KeyGenerator(KeyGenerator&&) = delete;
+ ~KeyGenerator();
+
+ KeyGenerator& operator=(const KeyGenerator&) = delete;
+ KeyGenerator& operator=(KeyGenerator&&) = delete;
+
+ typedef std::vector<unsigned char> data;
+
+ const data PBKDF(const data& pass, const data& salt);
+ const data AES(const data& in1, const data& in2);
+ const data HMAC(const data& original, const data& key);
+ const data RNG();
+};
+
+} // namespace ode
+#endif // __KEY_GENERATOR_H__
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include <klay/filesystem.h>
+#include <klay/audit/logger.h>
+
+#include "keystore.h"
+
+namespace ode {
+
+KeyStore::KeyStore(const std::string& name) :
+ file(name)
+{
+}
+
+KeyStore::~KeyStore()
+{
+}
+
+KeyStore::data KeyStore::getEncryptedDeviceKey()
+{
+ data ret;
+
+ //TODO
+
+ return ret;
+}
+
+KeyStore::data KeyStore::getEncryptedMasterKey()
+{
+ data ret;
+
+ //TODO
+
+ return ret;
+}
+
+void KeyStore::setEncryptedDeviceKey(const KeyStore::data& key)
+{
+ //TODO
+}
+
+void KeyStore::setEncryptedMasterKey(const KeyStore::data& key)
+{
+ //TODO
+}
+
+} // namespace ode
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __KEY_STORAGE_H__
+#define __KEY_STORAGE_H__
+
+#include <vector>
+#include <string>
+
+#include <klay/filesystem.h>
+
+namespace ode {
+
+class KeyStore final {
+public:
+ KeyStore(const std::string& name);
+ KeyStore(const KeyStore&) = delete;
+ KeyStore(KeyStore&&) = delete;
+ ~KeyStore();
+
+ KeyStore& operator=(const KeyStore&) = delete;
+ KeyStore& operator=(KeyStore&&) = delete;
+
+ typedef std::vector<unsigned char> data;
+
+ data getEncryptedDeviceKey();
+ data getEncryptedMasterKey();
+
+ void setEncryptedDeviceKey(const data& key);
+ void setEncryptedMasterKey(const data& key);
+
+private:
+ runtime::File file;
+};
+
+} // namespace ode
+
+#endif // __KEY_STORAGE_H__
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <getopt.h>
+#include <stdlib.h>
+#include <signal.h>
+
+#include <iostream>
+#include <stdexcept>
+
+#include "server.h"
+
+void signalHandler(int signum)
+{
+ exit(0);
+}
+
+int main(int argc, char *argv[])
+{
+ ::signal(SIGINT, signalHandler);
+
+ ::umask(0);
+
+ try {
+ Server server;
+ server.run();
+ } catch (std::exception &e) {
+ std::cerr << e.what() << std::endl;
+ return 1;
+ }
+
+ return 0;
+}
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include <klay/filesystem.h>
+#include <klay/audit/logger.h>
+
+#include "rmi/secure-erase.h"
+
+namespace ode {
+
+SecureErase::SecureErase(ODEControlContext& ctx) :
+ context(ctx)
+{
+ context.registerParametricMethod(this, "", (int)(SecureErase::erase)(std::string));
+ context.registerParametricMethod(this, "", (int)(SecureErase::clean)(std::string));
+}
+
+SecureErase::~SecureErase()
+{
+}
+
+int SecureErase::erase(const std::string& name)
+{
+ return -1;
+}
+
+int SecureErase::clean(const std::string& name)
+{
+ return -1;
+}
+
+
+
+} // namespace ode
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include <cynara-client.h>
+#include <cynara-session.h>
+
+#include "server.h"
+
+using namespace std::placeholders;
+
+namespace {
+
+const std::string ODE_MANAGER_ADDRESS = "/tmp/.ode.sock";
+
+} // namespace
+
+Server::Server()
+{
+ service.reset(new rmi::Service(ODE_MANAGER_ADDRESS));
+
+ service->setPrivilegeChecker(std::bind(&Server::checkPeerPrivilege, this, _1, _2));
+}
+
+Server::~Server()
+{
+}
+
+void Server::run()
+{
+ // Prepare execution environment
+ service->start(true);
+}
+
+void Server::terminate()
+{
+ service->stop();
+}
+
+bool Server::checkPeerPrivilege(const rmi::Credentials& cred, const std::string& privilege)
+{
+ cynara *p_cynara;
+
+ if (privilege.empty()) {
+ return true;
+ }
+
+ if (::cynara_initialize(&p_cynara, NULL) != CYNARA_API_SUCCESS) {
+ ERROR("Failure in cynara API");
+ return false;
+ }
+
+ if (::cynara_check(p_cynara, cred.security.c_str(), "",
+ std::to_string(cred.uid).c_str(),
+ privilege.c_str()) != CYNARA_API_ACCESS_ALLOWED) {
+ ::cynara_finish(p_cynara);
+ ERROR("Access denied: " + cred.security + " : " + privilege);
+ return false;
+ }
+
+ ::cynara_finish(p_cynara);
+
+ return true;
+}
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __ODE_SERVER_H__
+#define __ODE_SERVER_H__
+
+#include <string>
+#include <memory>
+
+#include <klay/filesystem.h>
+#include <klay/file-descriptor.h>
+#include <klay/rmi/service.h>
+
+class Server final {
+public:
+ Server();
+ ~Server();
+
+ void run();
+ void terminate();
+
+ template<typename Type, typename... Args>
+ void setMethodHandler(const std::string& privilege, const std::string& method,
+ const typename rmi::MethodHandler<Type, Args...>::type& handler)
+ {
+ service->setMethodHandler<Type, Args...>(privilege, method, handler);
+ }
+
+ uid_t getPeerUid() const
+ {
+ return service->getPeerUid();
+ }
+
+ gid_t getPeerGid() const
+ {
+ return service->getPeerGid();
+ }
+
+ pid_t getPeerPid() const
+ {
+ return service->getPeerPid();
+ }
+
+ bool checkPeerPrivilege(const rmi::Credentials& cred, const std::string& privilege);
+
+private:
+ std::string securityLabel;
+ std::unique_ptr<rmi::Service> service;
+};
+
+#endif //__ODE_SERVER_H__
--- /dev/null
+[Unit]
+Description=@PROJECT_NAME@ management daemon
+
+[Service]
+Type=simple
+SmackProcessLabel=System
+ExecStart=@BIN_DIR@/@PROJECT_NAME@d
+Restart=on-failure
+ExecReload=/bin/kill -HUP $MAINPID
+CapabilityBoundingSet=~CAP_MAC_ADMIN
+CapabilityBoundingSet=~CAP_MAC_OVERRIDE
+CapabilityBoundingSet=~CAP_DAC_OVERRIDE
+
+[Install]
+WantedBy=multi-user.target
--- /dev/null
+#
+# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+PROJECT(${PROJECT_NAME}-engine-unit-tests)
+
+SET(TEST_SRC main.cpp
+ ext4-engine.cpp
+ dmcrypt-engine.cpp
+ ecryptfs-engine.cpp
+ ../server/engine/ext4-engine.cpp
+ ../server/engine/dmcrypt-engine.cpp
+ ../server/engine/ecryptfs-engine.cpp
+)
+
+ADD_EXECUTABLE(${PROJECT_NAME} ${TEST_SRC})
+
+PKG_CHECK_MODULES(TEST_DEPS REQUIRED klay
+ glib-2.0
+ gio-2.0
+)
+
+INCLUDE_DIRECTORIES(SYSTEM ${TEST_DEPS_INCLUDE_DIRS})
+
+TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${TEST_DEPS_LIBRARIES})
+
+INSTALL(TARGETS ${PROJECT_NAME} DESTINATION bin)
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#include <string>
+#include <klay/exception.h>
+#include <klay/testbench.h>
+
+#include "../server/engine/dmcrypt-engine.h"
+
+#define TEST_PATH "/opt/usr"
+
+TESTCASE(DMCryptGetPathTest)
+{
+ try {
+ ode::DMCryptEngine engine("/dev/mmcblkp0", "/opt/usr");
+ if (engine.getDestination() != "/dev/mmcblkp0") {
+ throw runtime::Exception("Source doen't match");
+ }
+ if (engine.getDestination() != "/opt/usr") {
+ throw runtime::Exception("Destination doen't match");
+ }
+ } catch (runtime::Exception& e) {
+ TEST_FAIL(e.what());
+ }
+}
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#include <string>
+#include <klay/exception.h>
+#include <klay/testbench.h>
+
+#include "../server/engine/ecryptfs-engine.h"
+
+#define TEST_PATH "/opt/usr"
+
+TESTCASE(EcryptfsGetPathTest)
+{
+ try {
+ ode::EcryptfsEngine engine("/dev/mmcblkp0", "/opt/usr");
+ if (engine.getDestination() != "/dev/mmcblkp0") {
+ throw runtime::Exception("Source doen't match");
+ }
+ if (engine.getDestination() != "/opt/usr") {
+ throw runtime::Exception("Destination doen't match");
+ }
+ } catch (runtime::Exception& e) {
+ TEST_FAIL(e.what());
+ }
+}
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#include <string>
+#include <klay/exception.h>
+#include <klay/testbench.h>
+
+#include "../server/engine/ext4-engine.h"
+
+#define TEST_PATH "/opt/usr"
+
+TESTCASE(Ext4GetPathTest)
+{
+ try {
+ ode::Ext4Engine engine("/dev/mmcblkp0", "/opt/usr");
+ if (engine.getDestination() != "/dev/mmcblkp0") {
+ throw runtime::Exception("Source doen't match");
+ }
+ if (engine.getDestination() != "/opt/usr") {
+ throw runtime::Exception("Destination doen't match");
+ }
+ } catch (runtime::Exception& e) {
+ TEST_FAIL(e.what());
+ }
+}
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+#include <klay/testbench.h>
+#include <klay/audit/logger.h>
+
+int main(int argc, char** argv)
+{
+ audit::Logger::setLogLevel(audit::LogLevel::Trace);
+ testbench::Testbench::runAllTestSuites();
+
+ return 0;
+}
--- /dev/null
+#
+# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#SET(ODE_APPS ${ODE_TOOLS}/apps)
+SET(ODE_CLI ${ODE_TOOLS}/cli)
+
+#ADD_SUBDIRECTORY(${ODE_APPS})
+ADD_SUBDIRECTORY(${ODE_CLI})
--- /dev/null
+#
+# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+FILE(GLOB CLI_SRCS ode-admin-cli.cpp
+)
+
+SET(CLI_NAME ${PROJECT_NAME}-admin-cli)
+
+ADD_EXECUTABLE(${CLI_NAME} ${CLI_SRCS})
+SET_TARGET_PROPERTIES(${CLI_NAME} PROPERTIES PREFIX ""
+ COMPILE_DEFINITIONS PID_FILE_PATH="${RUN_DIR}/ode"
+ COMPILE_FLAGS "-fPIE"
+ LINK_FLAGS "-pie"
+)
+
+PKG_CHECK_MODULES(CLI_DEPS REQUIRED
+ klay
+ glib-2.0
+)
+
+INCLUDE_DIRECTORIES(SYSTEM ${CLI_DEPS_INCLUDE_DIRS} ${ODE_LIB})
+TARGET_LINK_LIBRARIES(${CLI_NAME} ${CLI_DEPS_LIBRARIES} ${PROJECT_NAME} ode)
+
+INSTALL(TARGETS ${CLI_NAME} DESTINATION sbin)
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+/**
+ * @file
+ * @brief CLI tool to encrypt/decrypt storage and secure erase
+ */
+#include <getopt.h>
+
+#include <string>
+#include <vector>
+#include <iostream>
+
+#include <klay/exception.h>
+#include <klay/filesystem.h>
+
+extern char** environ;
+
+static inline void usage(const std::string name)
+{
+ std::cout << "Usage: " << name << " [Option]" << std::endl
+ << std::endl
+ << "Options :" << std::endl
+ << " -h, --help show this" << std::endl
+ << std::endl;
+}
+
+int main(int argc, char* argv[])
+{
+ int opt = 0, index, ret = 0;
+
+ struct option options[] = {
+ {"help", no_argument, 0, 'h'},
+ {0, 0, 0, 0}
+ };
+
+ if (argc <= 1) {
+ usage(argv[0]);
+ return EXIT_SUCCESS;
+ }
+
+ while ((opt = getopt_long(argc, argv, "e:h", options, &index)) != -1) {
+ switch (opt) {
+ case 'h':
+ usage(argv[0]);
+ break;
+ default:
+ usage(argv[0]);
+ ret = -1;
+ }
+ }
+
+ return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
+}
projects / platform / core / security / ode.git / commitdiff